Re^4: unable to eval dumped hash


Perl-Sensitive Sunglasses
	PerlMonks

Re^4: unable to eval dumped hash

by jcb (Parson)

on Apr 30, 2020 at 01:28 UTC ( [id://11116256]=note: print w/replies, xml )

Need Help??

in reply to Re^3: unable to eval dumped hash
in thread unable to eval dumped hash

That way requires a LOT of trust in the safety of Safe.

Perhaps so, but I do not expect that trust to be misplaced. Tcl uses the same concept for its "safe" interpreters and I do not recall any exploits in either that Tcl facility or Perl's Safe. Do you have a counterexample?

The safe way of saving and restoring data is to handle it as data, not as code.

I agree that that is the preferred option, but interface constraints from existing systems can interfere.

Comment on Re^4: unable to eval dumped hash

Replies are listed 'Best First'.
Re^5: unable to eval dumped hash (updated) by haukex (Archbishop) on May 02, 2020 at 09:39 UTC
Perhaps so, but I do not expect that trust to be misplaced. The issue is that Safe is opcode-specific, so it requires knowledge of the Perl internals: what code is compiled to which opcodes, which opcodes should I allow, what does each allowed opcode do, and how have those opcodes changed across Perl versions. Update: See also the thread More strongly discourage Safe.pm? on P5P.	[reply]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://11116256]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others examining the Monastery: (4)

As of 2024-04-25 10:10 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found